Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Get files ready for 1.1 release1.1Arthur de Jong2019-02-105-5/+212
|
* Add Python 3.7 in Travis and reduce build matrixArthur de Jong2019-02-102-6/+23
| | | | | This runs the signxml flavour on all Python versions and only runs all other flavours on Python 2.6 and 3.6.
* Make the multi-line operator place explicitArthur de Jong2019-02-101-0/+1
| | | | Recent versions of flake8 changed the defaults of the errors to ignore.
* Ignore more flake8 messagesArthur de Jong2018-07-301-3/+3
|
* Add links to script documentationArthur de Jong2018-05-212-0/+16
|
* Implement csv2pcks scriptArthur de Jong2018-04-216-0/+867
|\
| * Add --skip-columns optionArthur de Jong2018-04-213-1/+65
| | | | | | | | | | | | This option can be used to skip a number of rows in the CSV file before the key data is read. If the number of rows to skip is 0, the column interpretation should be provided using the --columns option.
| * Add --set optionArthur de Jong2018-04-213-1/+60
| | | | | | | | | | This option can be used to set key properties for all keys in the PSKC file.
| * Add --columns optionArthur de Jong2018-04-213-5/+127
| | | | | | | | | | | | This option can be used to override the list of columns as found in the first line of the CSV file or provide a mapping for values found in the first line to PSKC properties.
| * Add a csv2pskc script for CSV to PSKC conversionArthur de Jong2018-04-216-0/+622
|/ | | | | | This script reads a CSV file and writes out a PSKC file with the key information from the CSV file. The CSV file is expected to have one row for each key and key property values in columns.
* Ship the script as part of the pskc packageArthur de Jong2018-04-0211-252/+325
| | | | | This also installs pskc2csv and pskc2pskc console script entry points as part of the package installation.
* Support setting key sub-properties via add_key()Arthur de Jong2018-04-023-17/+31
|
* Increase default PBKDF2 iterations to 100000Arthur de Jong2018-03-114-5/+5
|
* Support building a universal wheelArthur de Jong2018-02-211-0/+6
|
* Add and cleanup docstringsArthur de Jong2018-02-159-36/+62
| | | | | | | | This adds docstrings to public methods and cleans up a few other docstrings to pass most flake8 docstring related tests. This also adds noqa statements in a few places so we can remove most entries from the global flake8 ignore list.
* Add a pskc2pskc script for converting PSKC filesArthur de Jong2018-02-105-4/+573
| | | | | | This script reads a PSKC file in any supported format and writes out a RFC 6030 compliant version of the file, optionally with the encryption removed or (re-)encrypting the file with a new key.
* Correctly write a PSKC file without a MAC keyArthur de Jong2018-02-092-0/+94
| | | | | | | | In some cases a PSKC file can be written with a MAC algorithm but without a MAC key. This is possible when the MAC key is not supplied (allowed in older PSKC versions) and a fallback to the encryption key is done. If we have not yet decrypted the file the MAC key is not yet available and so can't be included in the written file.
* Correctly write a PSKC file with a global IVArthur de Jong2018-02-093-4/+51
| | | | | | | This ensures that the encryption IV, which should be per encrypted value is written out per encrypted value instead of globally. This is mostly useful for when reading an old format PSKC file and writing out a RFC 6030 compliant one.
* Also use EncryptedValue for MAC keyArthur de Jong2018-02-093-27/+24
| | | | | | | | This ensures that an encrypted MAC key is hanled in the same way as normal encrypted data values. This also ensures consistent fallback to the globally configured encryption algorithm if no value has been set in the EncryptedValue.
* Always output a PSKC 1.0 format fileArthur de Jong2018-02-081-3/+2
| | | | | This ignores the value of the version attribute in the PSKC object and always writes a PSKC 1.0 (RFC 6030) format file.
* Implement removing encryptionArthur de Jong2018-02-084-6/+57
| | | | | This adds a function to decrypt all values and remove the encryption of an encrypted PSKC file.
* Add a Travis configuration fileArthur de Jong2018-02-081-0/+23
|
* Fix code style issuesArthur de Jong2018-02-083-3/+2
| | | | Fixes 1ff3237f, 84bfb8a6 and 20bf9c5
* Fixes to test suiteArthur de Jong2018-02-083-0/+20
| | | | | | | This ensures that the tests also work without a TTY and work regardless of the PYTHONWARNINGS and TZ environment variables Fixes cd33833
* Get files ready for 1.0 release1.0Arthur de Jong2017-12-295-4/+388
|
* Not all XML serialisers write namespaces in same orderArthur de Jong2017-12-291-6/+6
| | | | | | This ignores the namespace declarations in the generated XML files because not all implementations on all environments write these in the same order.
* Add Sphinx documentation checksArthur de Jong2017-12-293-4/+8
| | | | This also slightly tunes the way Sphinx documentation is built.
* Add support for PyPyArthur de Jong2017-12-292-1/+3
|
* Add support for Python 3.7Arthur de Jong2017-12-292-2/+3
|
* Use README as package long descriptionArthur de Jong2017-12-292-15/+13
|
* Add an is_encrypted propertyArthur de Jong2017-12-274-12/+27
| | | | | | This property can be use to see whether the PSKC file needs an additional pre-shared key or passphrase to decrypt any stored information.
* Implement XML signature checkingArthur de Jong2017-12-2723-28/+750
|\
| * Add documentation for signed PSKC filesArthur de Jong2017-12-275-3/+123
| |
| * Implement signature checkingArthur de Jong2017-12-2717-13/+486
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds support for creating and verifying embedded XML signatures in PSKC files. This uses the third-party signxml library for actual signing and verification. The signxml library has a dependency on lxml and defusedxml (and a few others) but all parts of python-pskc still work correctly with our without lxml and/or defusedxml and signxml is only required when working with embedded signatures. This modifies the tox configuration to skip the signature checks if singxml is not installed and to only require 100% code coverage if the signature tests are done.
| * Move namespace moving to own functionArthur de Jong2017-12-271-11/+16
| |
| * Implement basic parsing of signature propertiesArthur de Jong2017-12-275-1/+125
|/
* Explicitly close output file in pskc2csvArthur de Jong2017-12-271-0/+2
| | | | | | This ensures that the file descriptor is closed if we opened the file. This is not a big problem for the script (because the script exists anyway) but causes problems for the tests.
* Fix typo in pin_max_failed_attempts attributeArthur de Jong2017-12-186-8/+44
| | | | | This makes the old name (pin_max_failed_attemtps) available as a deprecated property.
* Add limited support for very old draft PSKC versionsArthur de Jong2017-12-156-13/+396
| | | | | | | | | | | | This adds basic support for parsing the PSKC files as specified in draft-hoyer-keyprov-portable-symmetric-key-container-00 and draft-hoyer-keyprov-portable-symmetric-key-container-01. It should be able to extract secrets, counters, etc. but not all properties from the PSKC file are supported. It is speculated that this format resembles the "Verisign PSKC format" that some applications produce.
* Add test files from multiOTPArthur de Jong2017-12-1511-0/+2012
| | | | | | | This adds tests for parsing the files that are shipped as part of the multiOTP test suite. https://www.multiotp.net/
* Refactor internal storate of encrypted valuesArthur de Jong2017-12-156-179/+185
| | | | | | | | | | | This changes the way encrypted values are stored internally before being decrypted. For example, the internal _secret property can now be a decrypted plain value or an EncryptedValue instance instead of always being a DataType, simplifying some things (e.g. all XML encoding/decoding is now done in the corresponding module). This should not change the public API but does have consequences for those who use custom serialisers or parsers.
* Add support for KW-Camellia suite of algorithmsArthur de Jong2017-12-136-6/+137
|
* Add support for Camellia-CBC suite of algorithmsArthur de Jong2017-12-135-2/+161
|
* Add a manual page for pskc2csvArthur de Jong2017-10-113-4/+70
|
* Ignore missing docstring in __init__ in flakeArthur de Jong2017-10-091-1/+1
|
* Replace pycrypto with cryptographyArthur de Jong2017-10-0910-152/+87
| | | | | | | | | The cryptography library is better supported. This uses the functions from cryptography for AES and Triple DES encryption, replaces the (un)padding functions that were previously implemented in python-pskc with cryptography and uses PBKDF2 implementation from hashlib.
* Use PBKDF2 from hashlibArthur de Jong2017-10-091-9/+18
| | | | | | This uses pbkdf2_hmac() from hashlib for the PBKDF2 calculation. The downside of this is that this function is only available since Python 2.7.8.
* Replace use of pycrypto utility functionsArthur de Jong2017-10-016-29/+34
| | | | | | This uses os.urandom() as a source for random data and replaces other utility functions. This also removes one import for getting the lengths of Tripple DES keys.
* Implement our own XML formattingArthur de Jong2017-09-253-14/+40
| | | | | | This avoids a using xml.dom.minidom to indent the XML tree and keep the attributes ordered alphabetically. This also allows for customisations to the XML formatting.
* Support hashlib from Python 2.7.3Arthur de Jong2017-09-241-1/+4
| | | | | Some Python versions don't have the algorithms_available property but do have the algorithms property in hashlib.